1) [X] Responsive to communication(s) filed on 05 August 2005.
4) [X] Claim(s) 1-13 is/are pending in the application.
5) [ ] Claim(s) is/are allowed.

6) [X] Claim(s) 1-13 is/are rejected.

1. Amended claims 1-12 and new claim 13 are pending.

2. This application claims the priority of 6/29/1998.

Response to Arguments 

3. Applicant's arguments with respect to claims 1-13 have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC §112 

4. Claims 8, 10 are rejected under 35 U.S.C. 112, second paragraph, as being
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention (i.e.: a further condition may be associated in the 
database with the given policy). It was unclear what includes and excludes condition in 
database with the given policy. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-13 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Schneider et al [Schneider, 6,678,835 B1] in view of Reid et al [Reid, 6,182,226 B1]. 

5. As per claim 1, Schneider discloses a policy enforcement system for enforcing
policies defining what actions belonging to a first type thereof first entities defined in a
computer system may perform on second entities defined in the computer system
[Schneider, VPN, abstract], the policy enforcement system being of the type that
includes 

a policy server including a policy database of the policies [Schneider, firewall or 
access filter, col 2 lines 50-65; distributed Policy Database, Fig 3, col 9 lines 34-col 12 
line 52]; and 

However Schneider does not explicitly detail 

a policy enforcer that controls performance of the first type of action and is 
capable of communicating a request to perform an action of the first type to the policy 
server, the policy enforcer permitting performance of the action only if a response from 
the policy server indicates that the policies permit the action and the policy enforcement 
system being characterized in that: 

the policy database is extensible to include policies for actions belonging to an 
additional type thereof and the policy enforcement system is thereby extensible to 
include, an additional policy enforcer which controls performance of actions of the 
additional type. 

In the same endeavor, Reid discloses a firewall or the enforces policy server 
includes policy database on VPN provides type enforcement enforces the least privilege 
concept by controlling all the interaction between domains and file types, specific file 
types of other domains [Reid, col 3 lines 27-40] 

Therefore it would have been obvious to one of ordinary skill in the art at the time the
invention was made to incorporate the policy enforcer permitting the interaction with the
additional type of other domains as taught by Reid into the Schneider's apparatus in
order to utilize the access filters and policy database. Doing so would provide the
controlling interaction between networks by the use of firewalls with defined regions
[Reid, col 1 lines 53-55].

6. Claims 8, 10 contain the similar limitations set forth in claim 1. Therefore claims
8, 10 are rejected for the same rationale set forth in claim 1.

7. As per claim 2, Schneider-Reid disclose the policy database is of the class 
wherein policies are defined in terms of sets of the first entities and sets of the second 
entities and the policy database is further extensible to include an additional type of the 
first entities and/or an additional type of the second entities [Reid, other domains, col 3 
lines 27-40]. 

8. As per claim 3, Schneider-Reid disclose an action attribute may be associated in 
the database with a set of the first entities and/or a set of the second entities, the action 
attribute specifying a manner in which an action specified in a given policy is to be 
performed as regards entities in the set of first entities and/or entities in the set of 
second entities [Schneider, the distributed Policy Database, Fig 3, col 9 lines 34-col 12 
line 52]. 

9. As per claim 4, Schneider-Reid disclose the database is further extensible to 
include an additional type of action attributes [Schneider, attributes, col 7 lines 1-3]. 



Application/Control Number: 09/720,277 
Art Unit: 2142 






10. As per claim 5, Schneider-Reid disclose the additional policy enforcer controls 
performance of actions at a level of the computer system which is different from that at 
which the policy enforcer controls performance of actions [Reid, col 3 lines 27-40]. 

11. As per claim 6, Schneider-Reid disclose at least one of the policy enforcers is at 
a location in the computer system that is remote from the policy server [Reid, Internet, 
Fig 1]. 

12. As per claim 7, Schneider-Reid disclose the policy enforcer controls a second 
entity that is not part of the computer system [Reid, other domains, col 3 lines 27-40]. 

13. As per claim 9, Schneider-Reid disclose the further condition is a time interval 
specification associated with the given policy, the time interval specification specifying 
an interval of time during which entities belonging to the given set of first entities 
specified in the given policy may perform the given action specified therein on entities 
belonging to the given set of second entities specified therein [Schneider, a period of 
time, col 40 lines 60-65]. 

14. As per claim 11, Schneider-Reid disclose the database is extensible to include
new types of action attributes [Schneider, attributes, col 7 lines 1-3; extended from the
access filter, col 18 lines 22-40].

15. As per claim 12, Schneider-Reid disclose an action attribute condition may be
associated in the database with an action attribute for the given policy, the action 
attribute condition determining whether a requesting entity belonging to the given set of 
first entities can perform the given action as specified in the action attribute on an entity 
in the given set of second entities at the time the requesting entity makes the request 
[Schneider, a period of time, col 40 lines 60-65]. 



16. As per claim 13, Schneider-Reid disclose the additional type of action is defined 
by a user of the policy enforcement system; and the policy enforcement system includes 
a user interface for extending the policy database by adding the user-defined additional 
type of action thereto [Schneider, define policies, col 24 lines 32-55, Fig 11].



Any inquiry concerning this communication or earlier communications from the
examiner should be directed to examiner Thong Vu, whose telephone number is
(571)-272-3904. The examiner can normally be reached on Monday-Thursday from
6:00AM-3:30PM.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Andrew Caldwell, can be reached at (571) 272-3868. The fax number for the
organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the
Patent Application Information Retrieval (PAIR) system. Status information for published
applications may be obtained from either Private PAIR or Public PAIR. Status
information for unpublished applications is available through Private PAIR only. For
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you
have questions on access to the Private PAIR system, contact the Electronic Business
Center (EBC) at 866-217-9197 (toll-free).

Thong Vu 
Primary Examiner 
Art Unit 2142 



